diff options
| -rw-r--r-- | config/initializers/session_store.rb | 4 | ||||
| -rw-r--r-- | db/migrate/118_remove_sessions_again.rb | 16 |
2 files changed, 18 insertions, 2 deletions
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb index 3c3cbe5ad..a05d2c7d1 100644 --- a/config/initializers/session_store.rb +++ b/config/initializers/session_store.rb @@ -2,14 +2,14 @@ # Your secret key for verifying cookie session data integrity. # If you change this key, all old sessions will become invalid! -# Make sure the secret is at least 30 characters and all random, +# Make sure the secret is at least 30 characters and all random, # no regular words or you'll be exposed to dictionary attacks. ActionController::Base.session = { :key => '_wdtk_cookie_session', :secret => MySociety::Config.get("COOKIE_STORE_SESSION_SECRET", 'this default is insecure as code is open source, please override for live sites in config/general; this will do for local development') } -ActionController::Base.session_store = :active_record_store +ActionController::Base.session_store = :cookie_store # Insert a bit of middleware code to prevent uneeded cookie setting. require "#{Rails.root}/lib/whatdotheyknow/strip_empty_sessions" diff --git a/db/migrate/118_remove_sessions_again.rb b/db/migrate/118_remove_sessions_again.rb new file mode 100644 index 000000000..dc5a63df7 --- /dev/null +++ b/db/migrate/118_remove_sessions_again.rb @@ -0,0 +1,16 @@ +class RemoveSessionsAgain < ActiveRecord::Migration + def self.up + drop_table :sessions + end + + def self.down + create_table :sessions do |t| + t.string :session_id, :null => false + t.text :data + t.timestamps + end + + add_index :sessions, :session_id + add_index :sessions, :updated_at + end +end |